ID

VAR-201801-0151


CVE

CVE-2017-16724


TITLE

Advantech WebAccess Buffer error vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2017-011795 // CNNVD: CNNVD-201801-242

DESCRIPTION

A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack. Advantech WebAccess Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the parsing of the command line in the bwmail utility. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment

Trust: 10.53

sources: NVD: CVE-2017-16724 // JVNDB: JVNDB-2017-011795 // ZDI: ZDI-18-044 // ZDI: ZDI-18-046 // ZDI: ZDI-18-051 // ZDI: ZDI-18-043 // ZDI: ZDI-18-049 // ZDI: ZDI-18-052 // ZDI: ZDI-18-058 // ZDI: ZDI-18-042 // ZDI: ZDI-18-047 // ZDI: ZDI-18-025 // ZDI: ZDI-18-061 // ZDI: ZDI-18-053 // ZDI: ZDI-18-050 // CNVD: CNVD-2018-00671 // IVD: e2e0e08f-39ab-11e9-b1d1-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2e0e08f-39ab-11e9-b1d1-000c29342cb1 // CNVD: CNVD-2018-00671

AFFECTED PRODUCTS

vendor:advantechmodel:webaccessscope: - version: -

Trust: 9.1

vendor:advantechmodel:webaccessscope:ltversion:8.3

Trust: 2.4

vendor:advantechmodel:webaccessscope:eqversion:8.1

Trust: 0.6

vendor:advantechmodel:webaccessscope:eqversion:7.2

Trust: 0.6

vendor:advantechmodel:webaccessscope:eqversion:8.0

Trust: 0.6

vendor:webaccessmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: e2e0e08f-39ab-11e9-b1d1-000c29342cb1 // ZDI: ZDI-18-044 // ZDI: ZDI-18-050 // ZDI: ZDI-18-053 // ZDI: ZDI-18-061 // ZDI: ZDI-18-025 // ZDI: ZDI-18-047 // ZDI: ZDI-18-042 // ZDI: ZDI-18-058 // ZDI: ZDI-18-052 // ZDI: ZDI-18-049 // ZDI: ZDI-18-043 // ZDI: ZDI-18-051 // ZDI: ZDI-18-046 // CNVD: CNVD-2018-00671 // JVNDB: JVNDB-2017-011795 // CNNVD: CNNVD-201801-242 // NVD: CVE-2017-16724

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2017-16724
value: HIGH

Trust: 8.4

nvd@nist.gov: CVE-2017-16724
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-16724
value: CRITICAL

Trust: 0.8

ZDI: CVE-2017-16724
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2018-00671
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201801-242
value: CRITICAL

Trust: 0.6

IVD: e2e0e08f-39ab-11e9-b1d1-000c29342cb1
value: CRITICAL

Trust: 0.2

ZDI: CVE-2017-16724
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 8.4

nvd@nist.gov: CVE-2017-16724
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2017-16724
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2018-00671
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2e0e08f-39ab-11e9-b1d1-000c29342cb1
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2017-16724
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: e2e0e08f-39ab-11e9-b1d1-000c29342cb1 // ZDI: ZDI-18-044 // ZDI: ZDI-18-050 // ZDI: ZDI-18-053 // ZDI: ZDI-18-061 // ZDI: ZDI-18-025 // ZDI: ZDI-18-047 // ZDI: ZDI-18-042 // ZDI: ZDI-18-058 // ZDI: ZDI-18-052 // ZDI: ZDI-18-049 // ZDI: ZDI-18-043 // ZDI: ZDI-18-051 // ZDI: ZDI-18-046 // CNVD: CNVD-2018-00671 // JVNDB: JVNDB-2017-011795 // CNNVD: CNNVD-201801-242 // NVD: CVE-2017-16724

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

problemtype:CWE-121

Trust: 1.0

sources: JVNDB: JVNDB-2017-011795 // NVD: CVE-2017-16724

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201801-242

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2e0e08f-39ab-11e9-b1d1-000c29342cb1 // CNNVD: CNNVD-201801-242

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-011795

PATCH

title:Advantech has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-18-004-02

Trust: 9.1

title:Advantech WebAccessurl:http://www.advantech.com/industrial-automation/webaccess

Trust: 0.8

title:Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-00671)url:https://www.cnvd.org.cn/patchInfo/show/113123

Trust: 0.6

title:Advantech WebAccess Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77553

Trust: 0.6

sources: ZDI: ZDI-18-044 // ZDI: ZDI-18-050 // ZDI: ZDI-18-053 // ZDI: ZDI-18-061 // ZDI: ZDI-18-025 // ZDI: ZDI-18-047 // ZDI: ZDI-18-042 // ZDI: ZDI-18-058 // ZDI: ZDI-18-052 // ZDI: ZDI-18-049 // ZDI: ZDI-18-043 // ZDI: ZDI-18-051 // ZDI: ZDI-18-046 // CNVD: CNVD-2018-00671 // JVNDB: JVNDB-2017-011795 // CNNVD: CNNVD-201801-242

EXTERNAL IDS

db:NVDid:CVE-2017-16724

Trust: 12.3

db:BIDid:102424

Trust: 2.2

db:ICS CERTid:ICSA-18-004-02

Trust: 1.6

db:CNVDid:CNVD-2018-00671

Trust: 0.8

db:CNNVDid:CNNVD-201801-242

Trust: 0.8

db:ICS CERTid:ICSA-18-004-02A

Trust: 0.8

db:JVNDBid:JVNDB-2017-011795

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-5045

Trust: 0.7

db:ZDIid:ZDI-18-044

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5052

Trust: 0.7

db:ZDIid:ZDI-18-050

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5054

Trust: 0.7

db:ZDIid:ZDI-18-053

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5064

Trust: 0.7

db:ZDIid:ZDI-18-061

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-4993

Trust: 0.7

db:ZDIid:ZDI-18-025

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5048

Trust: 0.7

db:ZDIid:ZDI-18-047

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5043

Trust: 0.7

db:ZDIid:ZDI-18-042

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5061

Trust: 0.7

db:ZDIid:ZDI-18-058

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5053

Trust: 0.7

db:ZDIid:ZDI-18-052

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5050

Trust: 0.7

db:ZDIid:ZDI-18-049

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5044

Trust: 0.7

db:ZDIid:ZDI-18-043

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5051

Trust: 0.7

db:ZDIid:ZDI-18-051

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5047

Trust: 0.7

db:ZDIid:ZDI-18-046

Trust: 0.7

db:IVDid:E2E0E08F-39AB-11E9-B1D1-000C29342CB1

Trust: 0.2

sources: IVD: e2e0e08f-39ab-11e9-b1d1-000c29342cb1 // ZDI: ZDI-18-044 // ZDI: ZDI-18-050 // ZDI: ZDI-18-053 // ZDI: ZDI-18-061 // ZDI: ZDI-18-025 // ZDI: ZDI-18-047 // ZDI: ZDI-18-042 // ZDI: ZDI-18-058 // ZDI: ZDI-18-052 // ZDI: ZDI-18-049 // ZDI: ZDI-18-043 // ZDI: ZDI-18-051 // ZDI: ZDI-18-046 // CNVD: CNVD-2018-00671 // JVNDB: JVNDB-2017-011795 // CNNVD: CNNVD-201801-242 // NVD: CVE-2017-16724

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-18-004-02

Trust: 10.7

url:http://www.securityfocus.com/bid/102424

Trust: 2.2

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16724

Trust: 0.8

url:https://ics-cert.us-cert.gov/advisories/icsa-18-004-02a

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-16724

Trust: 0.8

sources: ZDI: ZDI-18-044 // ZDI: ZDI-18-050 // ZDI: ZDI-18-053 // ZDI: ZDI-18-061 // ZDI: ZDI-18-025 // ZDI: ZDI-18-047 // ZDI: ZDI-18-042 // ZDI: ZDI-18-058 // ZDI: ZDI-18-052 // ZDI: ZDI-18-049 // ZDI: ZDI-18-043 // ZDI: ZDI-18-051 // ZDI: ZDI-18-046 // CNVD: CNVD-2018-00671 // JVNDB: JVNDB-2017-011795 // CNNVD: CNNVD-201801-242 // NVD: CVE-2017-16724

CREDITS

Steven Seeley (mr_me) of Offensive Security

Trust: 9.1

sources: ZDI: ZDI-18-044 // ZDI: ZDI-18-050 // ZDI: ZDI-18-053 // ZDI: ZDI-18-061 // ZDI: ZDI-18-025 // ZDI: ZDI-18-047 // ZDI: ZDI-18-042 // ZDI: ZDI-18-058 // ZDI: ZDI-18-052 // ZDI: ZDI-18-049 // ZDI: ZDI-18-043 // ZDI: ZDI-18-051 // ZDI: ZDI-18-046

SOURCES

db:IVDid:e2e0e08f-39ab-11e9-b1d1-000c29342cb1
db:ZDIid:ZDI-18-044
db:ZDIid:ZDI-18-050
db:ZDIid:ZDI-18-053
db:ZDIid:ZDI-18-061
db:ZDIid:ZDI-18-025
db:ZDIid:ZDI-18-047
db:ZDIid:ZDI-18-042
db:ZDIid:ZDI-18-058
db:ZDIid:ZDI-18-052
db:ZDIid:ZDI-18-049
db:ZDIid:ZDI-18-043
db:ZDIid:ZDI-18-051
db:ZDIid:ZDI-18-046
db:CNVDid:CNVD-2018-00671
db:JVNDBid:JVNDB-2017-011795
db:CNNVDid:CNNVD-201801-242
db:NVDid:CVE-2017-16724

LAST UPDATE DATE

2024-11-07T22:19:26.521000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-18-044date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-050date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-053date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-061date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-025date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-047date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-042date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-058date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-052date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-049date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-043date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-051date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-046date:2018-01-05T00:00:00
db:CNVDid:CNVD-2018-00671date:2018-01-10T00:00:00
db:JVNDBid:JVNDB-2017-011795date:2018-01-26T00:00:00
db:CNNVDid:CNNVD-201801-242date:2019-10-17T00:00:00
db:NVDid:CVE-2017-16724date:2019-10-09T23:25:14.830

SOURCES RELEASE DATE

db:IVDid:e2e0e08f-39ab-11e9-b1d1-000c29342cb1date:2018-01-10T00:00:00
db:ZDIid:ZDI-18-044date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-050date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-053date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-061date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-025date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-047date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-042date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-058date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-052date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-049date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-043date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-051date:2018-01-05T00:00:00
db:ZDIid:ZDI-18-046date:2018-01-05T00:00:00
db:CNVDid:CNVD-2018-00671date:2018-01-10T00:00:00
db:JVNDBid:JVNDB-2017-011795date:2018-01-26T00:00:00
db:CNNVDid:CNNVD-201801-242date:2018-01-08T00:00:00
db:NVDid:CVE-2017-16724date:2018-01-05T08:29:00.347